Technology

macOS Under Attack: Ransomware EvilQuest comes with a keylogger

Ransomware that only targets MacOS systems is still relatively rare. EvilQuest is now a particularly nasty malware of this kind for Apple computers in circulation. It not only encrypts data but also brings a keylogger with it.

Nasty people keep coming back on Mac

OSX.EvilQuest: Security researcher Patrick Wardle is currently using this name to warn of a new malware that was developed for Apple systems. “It is not common for new ransomware that targets macOS to be discovered,” said Wardle in his first analysis – as ZDNet adds in its report, EvilQuest is only the third ransomware strain after KeRanger and Patcher that is exclusively on OSX -Computer has been tuned.

First of all, the pest has a classic ransomware effect. Once executed, data is encrypted and the user is informed of this with a text popup. However, this only really starts the problem for those affected: “After the encryption process has ended, the ransomware installs a keylogger to record all keystrokes of the user,” says security researchers.

Read This: LG Reportedly Attacked By Ransomware Developers

In addition, a reverse shell is set up in the system, which enables the attacker to connect to the infected host and execute user-defined commands. Finally, the malware looks for and steals typical files for cryptocurrency wallet applications. In short: With one application, the attackers achieve many goals here.

Infection risk low

If you then look at the analysis of possible routes of infection, a fairly well-known picture emerges: The pest was originally made public on June 29 by security researcher Dinesh Devadoss. Its investigations suggest that it has probably been distributed since the beginning of June. The gateway used: “EvilQuest is hiding in pirated macOS software that has been uploaded to torrent portals and online forums.”

Devadoss names a software package called “Google Software Update”, other security researchers have discovered EvilQuest in pirated copies of the DJ software “Mixed In Key” and the macOS security tool Little Snitch. According to the researchers, one can assume that many other applications from such sources are currently carrying the pest. The software also relies on users paying less attention to an installation warning. “macOS users who attempt to pirate software may ignore this warning,” said Wardle.

Share
Published by
Yasir Zeb

Recent Posts

Crash in the smartphone market: lowest sales figures in 13 years

The global smartphone market is experiencing a severe downturn, recording its worst quarter in 13…

13 hours ago

Pixel 11: Mega leak shows images and data from the new Google smartphones

Amazon made a big mistake and revealed the entire lineup of the Google Pixel 11…

13 hours ago

Top 10 Payment Card Tools for Everyday Digital Finance

A payment card is easiest to understand when users see how it fits into real…

18 hours ago

OnePlus is ‘dead’: Oppo wants to soon announce its withdrawal from the EU & USA

OnePlus will soon be history. At least in Europe and the USA. What has been…

19 hours ago

Switch 2 OLED: Nintendo is apparently planning a display upgrade after all

Nintendo is reportedly still internally planning an OLED version of the Switch 2 for the…

19 hours ago

Maps: Google launches major visual update with immersive navigation

Google appears to be starting to distribute the new immersive navigation for Google Maps. The…

19 hours ago